Nginx configuration file description (4)

 

1.0 First look at the default configuration after nginx installation

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

 

#user nobody;    
# means to start as the nobody user, generally we will change to user nginx nginx; ====> means to start as the nginx user group nginx user

worker_processes 1; #Represents
the number of worker processes, the production environment is generally set to be the same as the number of CPU cores. If the quad-core CPU is set to 4

 worker_connections  1024;

View the maximum number of files that Linux can handle

ulimit -a|grep "open files"

The maximum number of files that the system can open simultaneously is 65535. We set it to be less than or equal to this number.
    #nginx The maximum number of connections. By default, 1024 requests are processed simultaneously. Set to 65535 (algorithm: 65535 static resource servers). If the web server is set to 32767 (reverse proxy, it is equivalent to two links to connect to the client and one to serve. The number is 65535/2)
 

View the maximum number of files that can be opened by nginx

 sysctl -a |grep file

Thought, linux, everything is a file. Then a link is also a file. Then satisfy our settings. 65535 is greater than the 32767 number we set.

Number of files currently opened by the system by default

ulimit -a

If this number meets our nginx needs. 65535 is greater than the 32767 number we set.

Can be added by configuring vim /etc/security/limits.conf on the last line

 

View current user nginx 

id nginx

Found no current user.

Add current user

We will set nologin for users who run services. Do not allow to log into the system

useradd  -s /sbin/nologin nginx

Then start nginx

View run

ps aux

 

At this time, it is found that the current user starts a worker, which is the number of workers we set, and the start is started by the nginx user. Then this is convenient for our management

 

2.0 Making script service

Don't write it yourself, we will make a copy for transformation

cd /etc/systemd/system
vi nginx.service

The content is as follows

[Unit]
Description=The Nginx Http Server
After=network.target remote-fs.target nss-lookup.target

[Service]

Type=forking

PIDFile=/usr/local/nginx/logs/nginx.pid

# Start main service

ExecStart=/usr/local/nginx/sbin/nginx  

ExceReload=/usr/local/nginx/sbin/nginx -s reload

ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target

 

You can support systemctl start nginx.service        

systemctl  stop nginx.service等